tombroucke/otomaties-core

Optimize WordPress installation for performance, security etc.

Maintainers

Package info

github.com/tombroucke/otomaties-core

Type:wordpress-muplugin

pkg:composer/tombroucke/otomaties-core

Statistics

Installs: 7 678

Dependents: 1

Suggesters: 0

Stars: 8

Open Issues: 1

Security

Advisories: 0

Aikido package health analysis

2.2.1 2026-06-05 13:00 UTC

Requires

Requires (Dev)

MIT e9d12bc5ee118ac9f6ee0b93a52adffd54ac9fe3

  • Tom Broucke <tom.woop@tombroucke.be>

This package is auto-updated.

Last update: 2026-06-05 13:01:10 UTC

README

Installation

composer require tombroucke/otomaties-core

Features

ACF

  • Hide ACF screen in production (WP_ENV == 'production') & staging environments (WP_ENV == 'staging'). To overrule: add_filter('acf/settings/show_admin', '__return_false');

Admin

  • Disable comments, remove from admin. To enable comments: add_filter('otomaties_open_comments', '__return_true');
  • Adds an environment indicator for staging and development environments. To disable: add_filter('otomaties_enable_environment_indicator', '__return_false');

Branding

  • Logo on login screen
  • Logo in toolbar
  • Admin footer

To disable: add_filter('otomaties_whitelabel', '__return_true'); or installed the mu-plugin: composer require tombroucke/whitelabel-otomaties-core

Frontend

  • Disable emojis. To enable: add_filter('otomaties_disable_emojis', '__return_false');
  • Set default image link type to 'file'. To change: add_filter('otomaties_set_default_image_default_link_type', '__return_false');
  • Clean up head section
  • Redirect single search result. To disable: add_filter('otomaties_redirect_single_search_result', '__return_false');
  • Add shortcode for e-mailaddress obfuscation: [email]info@example.com[email] or [email address="info@example.com"]

Security

Notices for

  • WP_DEBUG or DISALLOW_FILE_EDIT is TRUE
  • debug.log is publicly accesible
  • No security plugin active.

Login screen

  • Add generic error to login screen

SSL

  • Force HTTPS on attachments

General

  • Disable updating of critical options users_can_register & default_role. To disable: add_filter('otomaties_disable_update_critical_options', '__return_false');

Otomaties Connect

  • Otomaties connect can fetch data over the rest API. Secured authentication with a public/private key pair.
Connection

In your .env file or wp-config.php file, add the OTOMATIES_CONNECT_KEY constant from the Otomaties connect portal.

OTOMATIES_CONNECT_KEY='XXXX-XXXX-XXXX-XXXX'

define('OTOMATIES_CONNECT_KEY', 'XXXX-XXXX-XXXX-XXXX');

Revision

  • revision.txt needs to be in web root
  • format: 'YmdHis {{commit hash}}'
  • Show revision in admin footer for administrator role
  • Show revision in console for all environments except production

To disable revisions: add_filter('otomaties_display_revision', '__return_false');

Building

There is a separate command to build the vendor_prefixed directory. Additional production dependencies should be added in the composer.json file under extra.require-scoped, after which the vendor_prefixed should be rebuilt.

Prerequisites

  • jq (brew install jq)
  • php-scoper (composer global require humbug/php-scoper)

Build command

  • To build the vendor_prefixed directory, run bash scoper.sh.